Bind 9.7.3 not forwarding to ISP DNS server (only local resolving successful)
I had a similar issue with the latest ubuntu server version (12.04 LTS). The problem was that the dnssec-validation option in /etc7bind/named.conf.options was set to auto. I changed it to no:
dnssec-validation no;
This solved my problem. In fact dnssec tries to validate the forwarder, and this was failling for my forwarder. You can check in /var/log/syslog for an DNS error similar to:
Aug 31 19:38:06 srv1 named[3208]: error (no valid RRSIG) resolving 'ch/DS/IN': 192.168.1.1#53
(my forwarder is 192.168.1.1).
Related videos on Youtube
06 : 02
06 : 06
09 : 59
12 : 04
02 : 09
Huzefa Akhter
Updated on September 18, 2022Comments
-
Huzefa Akhter almost 2 years
I have a bind DNS where I have installed SAMBA and made it a BDC. I plan to promote it to PDC and take out the Win2003 AD server to replace it with Samba.
Bind is installed on that same server as Samba and internal resolving work fine. However forwarding to the external DNS server for some reason does now work.
dig @8.8.8.8 google.com yields the correct output so I expect no connection issues.
The OS is Ubuntu (2.6.32) and Bind 9.7.3
What I have tried so far,
1) Adding to named.conf.options
recursion yes; allow-recursion { localhost; };2) Adding to named.conf.options
recursion yes; allow-recursion { localhost; 10.10.14.241; };3) Adding to named.conf.local
zone "." { type hint; file "/etc/bind/root_servers.hosts"; };4) Adding to named.conf.options
forwarders { 8.8.8.8 };5) Adding to named.conf.local where the zone info is saved
zone "DOMAIN.COM" { type master; file "/var/lib/bind/DOMAIN.COM.hosts"; check-names ignore; forwarders { 8.8.8.8; }; };None have worked so far,
Please advice.
Thanks.
-
ravi yarlagadda almost 12 yearsWhat system are you querying the server from? What response do you get?
-
